Shortly after my blog post yesterday I received a sample which seemed quite interesting. So I decided to take a closer look at things.
Turns out I that the specimen was another first – a bank Trojan which specifically targets (amongst others) a Dutch bank.
De Postbank has been the target of a number of phishing attacks, as it’s the only big bank in the Netherlands still using TAN codes.
It was just a matter of time before the criminals turned to Trojans instead of phishing.
We detect this sample as Trojan-Spy.Win32.Agent.ew.